FAQ SafeSign Identity Client

Both, Microsoft and AET Europe have tested and approved the 32-bit and the 64-bit version of SafeSign IC 3.0.112 in combination with Windows 10. Here is an overview of known issues:

Version 1511: During the Windows 10 Anniversary update you may need to de-install SafeSign 3.0.112 or 3.0.113 when a message pops up. Read more here >.
Upgrade 1511 to 1607: Reported issues of SafeSign IC 3.0.112 know from the Support team of AET with upgrade Windows 10 from 1511 to 1607. Advice is to skip the 1607 version and upgrade directly to version 1703.
Version 1607: No issues known.
Upgrade 1607 to 1703: No issues known.
Version 1703: No issues known.

Further investigation has made clear that all Windows 10 editions (version 1511 build 10586) cause issues with all versions of SafeSign Identity Client. ?The solution for this ‘policy issue’ is to update with the January 2016 patch build 10586.63. Both versions of SafeSign perform correct on build 10586.63 of Windows 10 and all functionality is restored and available. Read more here >?

For OS X applications that make use of Apple Keychain, AET provides a product called SafeSign Identity Client TokenLounge, which serves as an add-on to SafeSign IC. The latest version of TokenLounge supports MAC OS X 10.10 (Yosemite) and OS X 10.11 (El Capitan) for Apple Keychain related applications such as Safari and Mail. TokenLounge allows you to use smart cards or USB tokens to logon to the local computer from OS X 10.11.4 onwards. Please ask your AET Solution Partner for more details.

When downloading a SafeSign 3.0.112 installer package in Internet Explorer you get a message that the signature of SafeSign is corrupt or invalid. The message is related to enhanced security measures for SHA1 files in IE for dowloads. The workaround is to rightclick on the Download entry and select “Run Anyway” or close the window and select the executable in your Download folder and run it from this folder. Another option is to use another browser like FireFox or Chrome to download the SafeSign file.

The RSA SecurID SID800 authenticator is a multi-function device that combines the features of the RSA SecurID hardware authenticator with a smart chip based on Sun Java technology, packaged together in a more convenient USB form factor. This single authenticator is designed to generate time synchronous onetime- passwords (OTP) for anytime, anywhere access, support PKI for authentication, digital signatures and file encryption and securely store password information; making it an ideal choice for a wide range of environments where diverse system, application and customer needs exist.

The RSA SecurID SID800 USB-Token is supported by SafeSign IC like a normal JavaCard.

Please keep in mind that to use any JavaCard with SafeSign IC, the SafeSign IC Applet must be loaded on the token. This SafeSign IC applet can be pre-loaded on the token, or loaded by SafeSign IC as part of the initialization of the token.

In either scenario, to be able to load the applet, the KeySet used to protect the token must be known. If the token was set with a custom KeySet during production, this KeySet must be obtained from the manufacturer (i.e. RSA) to be able to prepare the token for use with SafeSign IC.

Since the token has an integrated Omnikey reader, the driver for the Cardman 6121 can be used. But the token is CCID compatible, which means that most OS’s like Linux and MAC OS X support the token without additional drivers.

This error is an indication that the card you are using is not (yet) supported by your version of SafeSign identity Client. Please contact your local supplier of the SafeSign IC software and ask them for a recent version that supports the inserted card.

When certain cards are not functioning in Internet Explorer after updating SafeSign IC from an older version like 3.0.40 or 3.0.45 there may be an issue with older registry settings not being removed. In order to make sure no wrong registry settings are being used, we have a utility called UnSafeSign which will remove the incorrect settings. Please ask your AET Solution Partner for more details.